INN commit: trunk (backends/actsync.c doc/pod/actsync.pod)

Bill Davidsen davidsen at tmr.com
Thu Aug 9 15:02:02 UTC 2007


Julien ÉLIE wrote:
> En réponse à Russ Allbery :
>   
>>> +    /* prepare the w_string parameter for ctlinnd time out
>>> +       (+3 for '-t ' and +1 for '\0') */
>>> +    w_size = snprintf(w_string, 0, "%d", w_flag) + 4;
>>> +    w_string = xmalloc(w_size);
>>> +    snprintf(w_string, w_size, "-t %d", w_flag);
>>>       
>> In CURRENT, you can just use asprintf.
>>     
>
> All right.  I have just changed actsync to use asprintf.
>
>
>   
>> (There are still a lot of
>> instances of this construct around that need to be converted to use
>> asprintf instead.)
>>     
>
> I have changed /some/ of these instances.  The remaining instances
> need some more work since addresses and length are sum or differences.
>
> The one in innfeed/imap_connection.c (using length = 7 + 50 + 20)
> was weird (there is no comment about why that sum).
>
>   
I would not be surprised if some snprintf calls should not be converted. 
Not all instances are intended to prevent overflow, some are useful to 
limit the length of a string for other reasons. Producing human readable 
logs or whatever. Automatic allocation is neat, but every path must free 
the string, and format elements may need to be limited in length to 
avoid unwanted arbitrarily long results.

PITA for you, you need to decide in every case if a very long string 
could happen and what it would impact to have such a thing.

-- 
bill davidsen <davidsen at tmr.com>
  CTO TMR Associates, Inc
  Doing interesting things with small computers since 1979




More information about the inn-workers mailing list